- Open the user menu on the toolbar and click Account Settings.
- Click Single Sign-On (SAML).
- Select the Enable SAML (SSO) Authentication option.
Enter the Identity Provider (IdP) settings:
- IdP AuthenticationRequest Service URL – The URL to which the authentication request from Alfresco is posted. It redirects you to the company's login page that needs to be authenticated.
IdP SingleLogoutRequest Service URL – The URL to which a logout request from Alfresco is posted when logging out from Alfresco Share. It logs you out of Alfresco and any other applications using the SSO solution.
- IdP SingleLogoutResponse Service URL – The URL to which a logout response from Alfresco is posted when receiving a logout request from your IdP.
Click Upload to browse to and upload an IdP certificate.
This is used to validate requests and responses from your IdP.
The Entity Identification (Issuer) and the SAML Entrypoint url are generated automatically and can't be edited.
- The Entity Identification (Issuer) is the issuer's domain name.
- The SAML Entrypoint url is the address for internal users to
access Alfresco through SAML SSO. Note: For security reasons, this URL works for users with emails from your network domain only, so should not be shared with external users. External users that are registered in your IdP cannot log in using SSO, however they can still log in through the normal Alfresco login screen.
Download the SP metadata, which contains the required URLs and the certificate.
You will need to provide these to your IdP.
- Click Save.
You have now configured the SSO settings. You can disable these settings by deselecting Enable SAML(SSO) Authentication . Click Reset to restore the last saved configuration.